Skip to content

fix(adt): honor HTTP_PROXY/HTTPS_PROXY for WebSocket connections#107

Open
dme007 wants to merge 1 commit into
oisee:mainfrom
dme007:fix/websocket-proxy-env
Open

fix(adt): honor HTTP_PROXY/HTTPS_PROXY for WebSocket connections#107
dme007 wants to merge 1 commit into
oisee:mainfrom
dme007:fix/websocket-proxy-env

Conversation

@dme007
Copy link
Copy Markdown

@dme007 dme007 commented Apr 18, 2026

Summary

Extends #13 (a1af66f — "honor HTTP_PROXY/HTTPS_PROXY environment variables")
from the HTTP transport to the WebSocket path. On SAP Business Application
Studio destinations (Cloud Connector + Connectivity Proxy) every outbound
connection must go through the proxy; the HTTP-only tools started working
after #13 but every WebSocket-backed feature still failed to connect.

All WebSocket traffic in vsp — ABAP debugger, AMDP debugger, RFC execution,
report execution, abapGit WebSocket export — runs through a single
BaseWebSocketClient in pkg/adt/websocket_base.go. Neither the
websocket.Dialer nor the transient *http.Client used on the 401-retry
pre-auth path set a Proxy, so HTTP_PROXY / HTTPS_PROXY were ignored
for WebSocket connects.

The fix

Two small package-level constructors in websocket_base.go so the dialer
and the pre-auth client are created in a single, testable place:

newZADTVSPDialer(tlsConfig) → websocket.Dialer{
    Proxy:            http.ProxyFromEnvironment,
    HandshakeTimeout: 30 * time.Second,
    TLSClientConfig:  tlsConfig,
}

newPreAuthHTTPClient(jar, tlsConfig) → &http.Client{
    Transport: &http.Transport{
        Proxy:           http.ProxyFromEnvironment,
        TLSClientConfig: tlsConfig,
    },
    Jar:     jar,
    Timeout: ...,
}

The two inline blocks in BaseWebSocketClient.Connect now call these
constructors; dialer.Jar = jar on the 401-retry path stays unchanged.

Behaviour for non-proxy deployments

Unchanged. http.ProxyFromEnvironment returns nil when HTTP_PROXY /
HTTPS_PROXY / NO_PROXY are unset, so the dialer connects directly
as before. Same semantics net/http uses by default.

Regression coverage

TestNewZADTVSPDialer_HonoursProxyEnv       — dialer.Proxy non-nil,
    TLS config and handshake timeout preserved.
TestNewPreAuthHTTPClient_HonoursProxyEnv   — transport.Proxy non-nil,
    supplied jar is used, timeout non-zero.

Mirrors the style of TestNewHTTPClient at pkg/adt/config_test.go:171-192
that locks in the HTTP-side #13 fix.

Files changed

pkg/adt/websocket_base.go       — newZADTVSPDialer + newPreAuthHTTPClient
                                  constructors; Connect uses them
pkg/adt/websocket_base_test.go  — new (the two tests above)

Related issues

@claude
fix(adt): honor HTTP_PROXY/HTTPS_PROXY for WebSocket connections
d0fc60c 
Extends the oisee#13 fix (a1af66f — "honor HTTP_PROXY/HTTPS_PROXY
environment variables") from the HTTP transport to the WebSocket
path. vsp connects to /sap/bc/apc/sap/zadt_vsp over gorilla/websocket
for the ABAP debugger, AMDP debugger, RFC execution, report
execution, and abapGit WebSocket export — all routed through a single
BaseWebSocketClient in pkg/adt/websocket_base.go. Neither the
websocket.Dialer nor the transient HTTP client used on the 401-retry
pre-auth path set a Proxy, so on SAP Business Application Studio
destinations (where all outbound traffic must go through a
Connectivity Proxy) the WebSocket-backed tools fail to connect even
though the HTTP-only tools work fine after oisee#13.

Two small package-level constructors in websocket_base.go so the
dialer and pre-auth client are created in a single, testable place:

  newZADTVSPDialer(tlsConfig)         → websocket.Dialer{
                                          Proxy: http.ProxyFromEnvironment,
                                          HandshakeTimeout: 30s,
                                          TLSClientConfig:  tlsConfig,
                                        }
  newPreAuthHTTPClient(jar, tlsConfig) → &http.Client with
                                          Transport.Proxy =
                                            http.ProxyFromEnvironment

The two inline blocks in BaseWebSocketClient.Connect now call these
constructors; dialer.Jar = jar on the 401-retry path stays unchanged.

No behavioural change for deployments that don't use an HTTP proxy —
http.ProxyFromEnvironment returns nil when HTTP_PROXY / HTTPS_PROXY /
NO_PROXY are unset, so the dialer connects directly as before.

Regression coverage:

  TestNewZADTVSPDialer_HonoursProxyEnv       — dialer.Proxy non-nil,
      TLS config and handshake timeout preserved.
  TestNewPreAuthHTTPClient_HonoursProxyEnv   — transport.Proxy non-nil,
      supplied jar is used, timeout non-zero.

Mirrors the style of TestNewHTTPClient at pkg/adt/config_test.go:
171-192 that locks in the HTTP-side oisee#13 fix.

Fixes: WebSocket-mode equivalent of oisee#13
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dme007